Jump to content
Sign in to follow this  
1LtCAP

possibly stupid computer question

Recommended Posts

ok......awhile back, it seemed that when i'd open firefox. it kept trying to also open up a video download site. it was a legit site....i think it's related to one of the youtube video downlaod extensions i installed. don't like when a site opens on its own, so i installed "blocksite" which is a firefox extension to block websites from being opened.

 

 anyway, security essentials found and removed a couple exploits on its daily scan a couple days ago. since i noted that, i ran malewarebytes last night. it found 58 instances of pup.optional.blocksite.

 

 that leads to my question. i know pup is "potentially unwanted program". is the blocksite extension all that malewarebytes is seeing? or should i be removing that crap?

 

 thanks guys

Share this post


Link to post
Share on other sites

I think Firefox has an option to open up websites tabs when you load it. I recall having a similar issue with something stupid like Yahoo. I just had to go into the Firefox settings and delete the webpage from one of the boot options.

 

I also had an issue with Yahoo setting itself as the default search engine.. I really want to hurt yahoo, they are a very invasive company.

Share this post


Link to post
Share on other sites

Seems that block site just masks that something is trying to open up a new window. Open up the Firefox config and delete any and every addon and extension you don't trust. Make sure FF is set up to ask you before it installs any addons. I think the noscript extension has a whitelist now so you can use that while maintaining legit sites. If you don't already, install Adblock.

Share this post


Link to post
Share on other sites

ok......awhile back, it seemed that when i'd open firefox. it kept trying to also open up a video download site. it was a legit site....i think it's related to one of the youtube video downlaod extensions i installed. don't like when a site opens on its own, so i installed "blocksite" which is a firefox extension to block websites from being opened.

 

 anyway, security essentials found and removed a couple exploits on its daily scan a couple days ago. since i noted that, i ran malewarebytes last night. it found 58 instances of pup.optional.blocksite.

 

 that leads to my question. i know pup is "potentially unwanted program". is the blocksite extension all that malewarebytes is seeing? or should i be removing that crap?

 

 thanks guys

 

I would suggest removing everything, including extensions that give you unwanted behavior.  

 

Sounds like you had a malware infection of somesort.   If in doubt, clean it out.    You can always re-install something if you've found you've broken it.

Share this post


Link to post
Share on other sites

I'd suggest NoScript as an Add-On to Firefox.

 

As was said... remove it... re-install it.  Add NoScript.

 

NoScript blocks any site you don't approve. It remembers what you approve, unless you specify Temporary... ie.. if you are not sure you want some site loading.

 

I've used it for years.  It's a simple tool, but effective.

 

You'll figure it out quickly.

 

With security, there isn't one thing that's the answer.  The best solutions are a collection of tools. But for home users, that's a tough lift to deal with.  One thing I want to take a look at for home use is the Application Whitelisting functions of PC Matic.   I have hated their commercials for as long as they've been out. But if they built an Application Whitelisting system home users can use, it's worth looking into. AntiVirus is crap.  All of it. It can be bypassed in seconds. Whitelists are a better solution.  But the commercial packages require significant knowledge.  I've deployed Cisco Security Agent back in 2005 and we now use Bit9/Carbon Black.  But if you don't know what you're doing, you'll spend a year trying to deploy this kind of software.  

 

That's why I'm interested in taking a look at what PC Matic says they've created.  Just haven't had time.

Same thing goes for Web Filters.  If you don't block "unknown" or "unclassified", you're leaving yourself exposed more than you should.

 

Just some thoughts for anyone who's interested.

  • Like 1

Share this post


Link to post
Share on other sites

Malwarebytes isn't always the answer too..  ComboFix generally takes care of most infections including some really nasty ones that Malwarebytes can't get rid of.

 

http://www.bleepingcomputer.com/download/combofix/

 

ComboFix doesn't work with 8.1 or 10.

Share this post


Link to post
Share on other sites

You should be aware that a lot of the malware out there is pretty sophisticated.  And when you think you've cleaned it up... you didn't.  And screenshots and keylogs of your system are ending up in some Ukrainian guys hosted database.

 

It's not pleasant, but in a lot of cases, the best thing to do is nuke your system, including the disk partition the system was using and re-install the OS.

 

Share this post


Link to post
Share on other sites

You don't need No Script. Do what I do. Turn scripts off. I rarely need them, and everything annoying, spying, tracking, or malicious on the internet is loaded by scripts nowadays because web developers are lazy.

 

Open your Hosts file and follow the example in the Rem section at the top. Type the website, tab, and then 0.0.0.0 for the IP redirect. Your computer will never load that site again. It's better than 127, because 127 will cause a delay as it pings back. Or, download Hostman if you prefer a GUI for it.

Share this post


Link to post
Share on other sites

There is Malware and there is malware adhering to "regulations." If what used to be known as malware can be cleanly removed on demand it is no longer listed as malware. That means that your protection programs can allow the most annoying of bullshit to be installed as long as it can find a clean uninstaller.

It is totally up to you to find when it started happening and uninstall anything that came in at that time.

One of the worst offenders is downloading what you would think is a legitimate program or extension and accepting whatever else is included in the installer.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.



×
×
  • Create New...